Updated dropbear package fixes a security vulnerability
Publication date: 08 Jan 2024Modification date: 08 Jan 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-48795
Description
Parts of the SSH specification are vulnerable to a novel prefix truncation attack (a.k.a. Terrapin attack), which allows a man-in-the-middle attacker to strip an arbitrary number of messages right after the initial key exchange, breaking SSH extension negotiation (RFC8308) in the process and thus downgrading connection security. ### Mitigations To mitigate this protocol vulnerability, OpenSSH suggested a so-called "strict kex" which alters the SSH handshake to ensure a Man-in-the-Middle attacker cannot introduce unauthenticated messages as well as convey sequence number manipulation across handshakes. Support for strict key exchange has been added to a variety of SSH implementations, including OpenSSH itself, PuTTY, libssh, and more. This release includes a patch to implement Strict KEX mode.
References
SRPMS
9/core
- dropbear-2022.83-2.1.mga9